<?php if( ! defined('BASEPATH') ) exit('No direct script access allowed');
	
	class Administrator_authenticate {
		
		function Administrator_authenticate(){
			$this -> obj = get_instance();
		}	
		
		function check_login(){
			$login = $this -> obj -> session -> userdata('administrator_session');
			if( $login != true){
				redirect(site_url('/administrator/login/'));
			}
			return $login;
		}
		
		//$this -> administrator_authenticate -> check_permission('1', 'User Control');
		//$this -> administrator_authenticate -> check_permission('2', 'Developer Control');
		//$this -> administrator_authenticate -> check_permission('3', 'Administrator Control');
		function check_permission($permission_id, $task)
		{
			$administrator_id = $this -> obj -> session -> userdata('administrator_id');
			$query = $this -> obj -> db -> query("
				select * from tbl_user_permission 
				where 
					userid = '$administrator_id' AND
					level_id = '$permission_id'
			");
			if(! $query -> num_rows())
			{
				combine_session('failed', 'Sorry, you do not have permission to access '.$task.'.');
				redirect(site_url('/administrator/'));
			}
			return 1;
		}
		function check_both_permission($admin_id,$dev_id, $task)
		{
			$administrator_id = $this -> obj -> session -> userdata('administrator_id');
			$query = $this -> obj -> db -> query("
				select * from tbl_user_permission 
				where 
					userid = '$administrator_id' AND
					(level_id = '$admin_id' OR level_id = '$dev_id')
			");
			if(! $query -> num_rows())
			{
				combine_session('failed', 'Sorry, you do not have permission to access '.$task.'.');
				redirect(site_url('/administrator/'));
			}
			return 1;
		}
		
		function logout(){
			$this -> obj -> session -> unset_userdata('administrator_session', '');
			redirect(site_url('/administrator/login/'));
		}
		
	}
?>